t ag i solated m emory b ringing fine grained e nclaves
play

T ag- I solated M emory B ringing Fine-grained E nclaves to R ISC- V - PowerPoint PPT Presentation

Jan 18, 2023 •386 likes •1.36k views

S C I E N C E T E C H N O L O G Y P A S S I O N T ag- I solated M emory B ringing Fine-grained E nclaves to R ISC- V Samuel Weiser Mario Werner Ferdinand Brasser Maja Malenko Stefan Mangard Ahmad Sadeghi

  1. S C I E N C E T E C H N O L O G Y P A S S I O N T ag- I solated M emory B ringing Fine-grained E nclaves to R ISC- V Samuel Weiser ∗ Mario Werner ∗ Ferdinand Brasser † Maja Malenko ∗ Stefan Mangard ∗ Ahmad Sadeghi † ∗ Graz University of Technology † TU Darmstadt NDSS’19, San Diego www.iaik.tugraz.at

  2. TIMBER-V 2 Motivation Goal: Protect sensitive code and data Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  3. TIMBER-V 2 Motivation App Goal: Protect sensitive code and data OS Hypervisor Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  4. TIMBER-V 2 Motivation Enclave App Goal: Protect sensitive code and data OS Hypervisor Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  5. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  6. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Intel SGX is cool, but Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  7. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Intel SGX is cool, but Closed ISA, microarchitecture Hardware backdoors? [8] Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  8. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Intel SGX is cool, but Closed ISA, microarchitecture Hardware backdoors? [8] RISC-V is completely open Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  9. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Intel SGX is cool, but Closed ISA, microarchitecture Hardware backdoors? [8] RISC-V is completely open Bring SGX features to embedded RISC-V Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  10. TIMBER-V 2 Motivation Enclave App App Goal: Protect sensitive code and data OS OS Hypervisor Hypervisor from malicious software Intel SGX is cool, but Closed ISA, microarchitecture Hardware backdoors? [8] RISC-V is completely open Bring SGX features to embedded RISC-V (embedded = ARM Cortex-M) Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  11. TIMBER-V 3 Background: Enclaves Secure execution Enclave Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  12. TIMBER-V 3 Background: Enclaves Secure execution Protect against all other software Malicious app Enclave App Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  13. TIMBER-V 3 Background: Enclaves Secure execution Protect against all other software Malicious app Malicious OS Enclave App OS Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  14. TIMBER-V 3 Background: Enclaves Secure execution Protect against all other software Malicious app Malicious OS Malicious hypervisor Enclave App OS Hypervisor Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  15. TIMBER-V 3 Background: Enclaves Secure execution Protect against all other software Malicious app Malicious OS Malicious hypervisor Malicious enclaves Enclave Enclave App App OS Hypervisor Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  16. TIMBER-V 3 Background: Enclaves Secure execution Protect against all other software Malicious app Malicious OS Malicious hypervisor Malicious enclaves Enclave Enclave App App Minimal trust (enclave + HW) OS Hypervisor Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  17. TIMBER-V 4 Related Work - Secure Execution ”Large”: Sanctum (RISC-V) [2] ”Embedded”: [3, 4, 7, 1, 9] RISC-V: MultiZone [5], Keystone [6] Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  18. TIMBER-V 4 Related Work - Secure Execution ”Large”: Sanctum (RISC-V) [2] ”Embedded”: [3, 4, 7, 1, 9] RISC-V: MultiZone [5], Keystone [6] Problems Inflexible isolation boundaries Memory fragmentation Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  19. TIMBER-V 5 Problem: Memory Fragmentation Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  20. TIMBER-V 5 Problem: Memory Fragmentation Process A App Enclave Data Stack Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  21. TIMBER-V 5 Problem: Memory Fragmentation Process A App Enclave Data Stack Data Stack Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  22. TIMBER-V 5 Problem: Memory Fragmentation Process A Process B App App Enclave Enclave Data Stack Data Stack Data Stack Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  23. TIMBER-V 5 Problem: Memory Fragmentation Process A Process B App App Enclave Enclave Data Stack Data Stack Data Stack Data Stack Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  24. TIMBER-V 5 Problem: Memory Fragmentation X Process A Process B Process C App App App Enclave Enclave Enclave Data Stack Data Stack Data Stack Data Stack Physical memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  25. TIMBER-V 5 Problem: Memory Fragmentation X Process A Process B Process C App App App Enclave Enclave Enclave Data Stack Data Stack Data Stack Data Stack Physical memory Bad memory utilization Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  26. TIMBER-V 5 Problem: Memory Fragmentation Process A Process B Process C App App App Enclave Enclave Enclave Data Stack Bad memory utilization We want to interleave memory → Stack sharing Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  27. TIMBER-V 5 Problem: Memory Fragmentation Process A Process B Process C App App App Enclave Enclave Enclave Data Stack Data Stack Bad memory utilization We want to interleave memory → Stack sharing Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  28. TIMBER-V 5 Problem: Memory Fragmentation Process A Process B Process C App App App Enclave Enclave Enclave Data Stack Data Stack Data Stack Bad memory utilization We want to interleave memory → Stack sharing Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  29. TIMBER-V 6 Contributions : Enclaves from tagged memory for embedded RISC-V Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  30. TIMBER-V 6 Contributions : Enclaves from tagged memory for embedded RISC-V Novel stack sharing App Enclave Shared stack Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  31. TIMBER-V 6 Contributions : Enclaves from tagged memory for embedded RISC-V Novel stack sharing Fast shared enclave memory App Enclave ... Shared stack Proof-of-concept Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  32. TIMBER-V 7 TIMBER-V Overview Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  33. TIMBER-V 7 TIMBER-V Overview Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  34. TIMBER-V 7 TIMBER-V Overview Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  35. TIMBER-V 8 Enclave building blocks: Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  36. TIMBER-V 8 Enclave building blocks: Memory isolation Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  37. TIMBER-V 8 Enclave building blocks: Memory isolation Entry points Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  38. TIMBER-V 8 Enclave building blocks: Memory isolation Entry points Attestation, sealing Inter-enclave communication Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  39. TIMBER-V 8 Enclave building blocks: Memory isolation Entry points Attestation, sealing Inter-enclave communication Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  40. TIMBER-V 9 Traditional Memory Protection Unit (MPU) Physical Memory MPU regions define application Problem: inflexible Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  41. TIMBER-V 10 Tagged Memory Memory tags → Physical Memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  42. TIMBER-V 10 Tagged Memory Memory tags → Physical Memory Memory tags define applications Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  43. TIMBER-V 10 Tagged Memory Memory tags → Physical Memory Memory tags define applications Problem: high memory overhead Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  44. TIMBER-V 11 TIMBER-V: MPU + Tagged Memory MPU region defines application Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  45. TIMBER-V 11 TIMBER-V: MPU + Tagged Memory MPU region defines application Application cannot escape Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  46. TIMBER-V 11 TIMBER-V: MPU + Tagged Memory Memory tag defines enclave Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  47. TIMBER-V 11 TIMBER-V: MPU + Tagged Memory Memory tag defines enclave Memory tag defines TagRoot Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

  48. TIMBER-V 12 TIMBER-V Tag Isolation Normal Normal memory Samuel Weiser www.iaik.tugraz.at NDSS’19, San Diego

Recommend

Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1

Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1

Fine-Grained Geographic Communication (Geocast) Nexus Workshop Frank Drr 23.07.2003 1 Overview Motivation Requirements for Fine-Grained Geocast Location Model for Fine-Grained Geographic Addressing Summary Related Work

752 views • 18 slides
Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski

Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski

Mechanized Verification of Fine-grained Concurrent Programs Ilya Sergey Aleks Nanevski Anindya Banerjee PLDI 2015 Terminology Coarse-grained Concurrency synchronisation between threads via locks ; Fine-grained

973 views • 72 slides
Parts of Speech More Fine-Grained Classes More

Parts of Speech More Fine-Grained Classes More

Parts of Speech More Fine-Grained Classes More Fine-Grained Classes Actually , I ran home extremely quickly yesterday The closed classes Example of POS tagging The Penn Treebank Part-of-Speech

747 views • 54 slides
Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control

Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control

Fine Grained Access Control Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples: p g Students can see their own grades Students can see grades of all students in courses they registered for

548 views • 34 slides
Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP,

Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP,

Fine-grained Visual Analysis: From Classification to Retrieval Yi-Zhe Song SketchX Lab, CVSSP, University of Surrey, UK http://sketchx.ai Why fine-grained? Dog Dog Dog I am not just a dog Why fine-grained? Husky

615 views • 24 slides
Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information

Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information

Learning Kernel-matrix-based Representation for Fine-grained Image Recognition Lei Wang VILA group School of Computing and Information Technology University of Wollongong, Australia 11-Dec-2019 Introduction Fine-grained image recognition

1.56k views • 58 slides
TRILL Fine Grained Labeling Donald Eastlake 3 rd Huawei

TRILL Fine Grained Labeling Donald Eastlake 3 rd Huawei

TRILL Fine Grained Labeling Donald Eastlake 3 rd Huawei Technologies d3e3e3@gmail.com November 2011 TRILL WG 1 Fine Grained Labeling A way to

469 views • 8 slides
Addressing Inter-Class Similarity in Fine-Grained Visual Classification Abhimanyu Dubey

Addressing Inter-Class Similarity in Fine-Grained Visual Classification Abhimanyu Dubey

Addressing Inter-Class Similarity in Fine-Grained Visual Classification Abhimanyu Dubey Collaborators: Nikhil Naik, Ryan Farrell, Otkrist Gupta, Pei Guo, Ramesh Raskar Fine-Grained Visual Classification - Image classification with target

760 views • 35 slides
On the Correctness Criteria of Fine-Grained Access Control in Relational Databases Qihua Wang,

On the Correctness Criteria of Fine-Grained Access Control in Relational Databases Qihua Wang,

On the Correctness Criteria of Fine-Grained Access Control in Relational Databases Qihua Wang, Ting Yu, Ninghui Li Jorge Lobo, Elisa Bertino Keith Irwin, Ji-Won Byun Outline Introduction Correctness Criteria A Fine-Grained Access

1.21k views • 51 slides
Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and

Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and

Fine-Grained Power Modeling for Smartphones Using System Call Tracing Based on paper and presentation by: Abhinav Pathak, Y. Charlie Hu, Ming Zhang Paramvir Bahl, Yi-Min Wang Damian Rodziewicz Fine-Grained Power Modeling for Smartphones

701 views • 33 slides
Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples:

Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples:

Fine-Grained Access Control Fine Grained Access Control Fine-grained access control examples: Students can see their own grades Students can see their own grades Students can see grades of all students in courses they registered for

338 views • 17 slides
Fine Grained Coordinated Parallelism in a Real World Application Mohammad Rezaei, PhD June 2012

Fine Grained Coordinated Parallelism in a Real World Application Mohammad Rezaei, PhD June 2012

Fine Grained Coordinated Parallelism in a Real World Application Mohammad Rezaei, PhD June 2012 1 Outline Types of parallelism Algorithm description Why fine grained parallelism? Concurrency is hard no, its different

419 views • 19 slides
Mesos A Platform for Fine-Grained Resource Sharing in the

Mesos A Platform for Fine-Grained Resource Sharing in the

Mesos A Platform for Fine-Grained Resource Sharing in the Data Center Benjamin Hindman, Andy Konwinski, Matei Zaharia , Ali Ghodsi, Anthony Joseph,

438 views • 32 slides
Enhancing Fine- Grained Parallelism Loop vectorization, Loop distribution, Scalar expansion

Enhancing Fine- Grained Parallelism Loop vectorization, Loop distribution, Scalar expansion

Enhancing Fine- Grained Parallelism Loop vectorization, Loop distribution, Scalar expansion Scalar and array renaming 1 Fine-Grained Parallelism Theorem 2.8. A sequential loop can be converted to a parallel loop if the loop carries no

606 views • 41 slides
Fine-Grained Tracking of Grid Infections Ashish Gehani SRI Basim Baig, Salman Mahmood, Dawood

Fine-Grained Tracking of Grid Infections Ashish Gehani SRI Basim Baig, Salman Mahmood, Dawood

Fine-Grained Tracking of Grid Infections Ashish Gehani SRI Basim Baig, Salman Mahmood, Dawood Tariq, Fareed Zaffar LUMS Fine-Grained Tracking of Grid Infections p. 1/18 Introduction Grid semantics Not middleware-specific Distributed

644 views • 18 slides
Owen S. Hofmann, Xuan Wang, Emmett Witchel, Donald E. Porter 1 Fine-grained locking -

Owen S. Hofmann, Xuan Wang, Emmett Witchel, Donald E. Porter 1 Fine-grained locking -

Sangman Kim , Michael Z. Lee, Alan M. Dunn, Owen S. Hofmann, Xuan Wang, Emmett Witchel, Donald E. Porter 1 Fine-grained locking - Bug-prone, hard to maintain Parallelism - OS provides poor support Coarse-grained locking - Reduced

536 views • 34 slides
Part-based R-CNNs for Fine-grained Category Detec7on

Part-based R-CNNs for Fine-grained Category Detec7on

Part-based R-CNNs for Fine-grained Category Detec7on Ning Zhang Jeff Donahue Ross Girshick Trevor Darrell

741 views • 39 slides
Interpreting Fine-grained Dermatological Classification with Deep Learning S Mishra [1] , H

Interpreting Fine-grained Dermatological Classification with Deep Learning S Mishra [1] , H

Interpreting Fine-grained Dermatological Classification with Deep Learning S Mishra [1] , H Imaizumi [2] , T Yamasaki [1] 1 The University of Tokyo 2 ExMedio Inc ISIC Skin Image Analysis Workshop 1 Sco cope Analyze model accuracy gap on

542 views • 28 slides
Combining Data-Intense and Compute-Intense Methods for Fine-Grained Morphological Analyses Petra

Combining Data-Intense and Compute-Intense Methods for Fine-Grained Morphological Analyses Petra

Combining Data-Intense and Compute-Intense Methods for Fine-Grained Morphological Analyses Petra Steiner Friedrich Schiller University Jena Jena, Germany September 19, 2019 Outline 3 September 19, 2019 Fine-Grained Morphological Analyses

1.31k views • 118 slides
A Fine-Grained Analogue of Schaefers Theorem in P: Dichotomy of k -Quantified

A Fine-Grained Analogue of Schaefers Theorem in P: Dichotomy of k -Quantified

A Fine-Grained Analogue of Schaefers Theorem in P: Dichotomy of k -Quantified First-Order Graph Properties Karl Nick Marvin Bringmann 1 Fischer 1 Knnemann 1 1 Max Planck Institute for Informatics, Saarland Informatics Campus (SIC),

772 views • 73 slides
Weaker Forms of Monotonicity for Declarative Networking: a more fine-grained answer to the

Weaker Forms of Monotonicity for Declarative Networking: a more fine-grained answer to the

Weaker Forms of Monotonicity for Declarative Networking: a more fine-grained answer to the CALM-conjecture. Tom J Ameloot 1 , Bas Ketsman 1 , Frank Neven 1 and Daniel Zinn 2 1 Hasselt University 2 LogicBlox, Inc 1 Overview 1. Introduction 2.

815 views • 34 slides
ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser

ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser

ConScript Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser Leo Meyerovich Benjamin Livshits UC Berkeley Microsoft Research Web Programmability Platform openid.net yelp.com adsense.com Google maps 2

727 views • 41 slides
Junfeng Fan ESAT/COSIC ECC implementation methods Multi-core systems Coarse-Grained

Junfeng Fan ESAT/COSIC ECC implementation methods Multi-core systems Coarse-Grained

Junfeng Fan ESAT/COSIC ECC implementation methods Multi-core systems Coarse-Grained Parallelism (CGP) Fine-Grained Parallelism (FGP) Fine-Grained Parallelism (FGP) Two Dimensional Parallelism (TDP) Results Conclusions Q

467 views • 20 slides
Instruction-Level Parallelism (ILP) Fine-grained parallelism Obtained by: instruction

Instruction-Level Parallelism (ILP) Fine-grained parallelism Obtained by: instruction

Instruction-Level Parallelism (ILP) Fine-grained parallelism Obtained by: instruction overlap in a pipeline executing instructions in parallel (later, with multiple instruction issue) ILP hindered by: data dependence : arises

340 views • 21 slides

More recommend